Our Commitment to Your Privacy
Where your personal information is protected by other law, such as the Australian Privacy Act 1988 (Cth), We will, at a minimum, process that information in accordance with that law.
We are engaged in the following business activities:
- promoting, offering, selling and providing managed services, hosting services and software, platform or infrastructure “as a service”;
- promoting, offering, selling and performing professional services including consulting, training and supporting online services;
- any business activities related or ancillary to any of the activities set out above.
- Personal Information which is used with the same meaning as in the Privacy Act 1998 (Cth);.
- Privacy Law means the Privacy Act 1998 (Cth);
- Sensitive Information which is used with the same meaning as in Privacy Act 1998 (Cth).
We may also seek your consent through Our data collection notices that are located at key points where you may be providing Us with Personal Information.
We may also collect, hold, hold, use, transfer and process your Personal Information in any other way that is permitted by law, including applicable privacy legislation.
What Personal Information do We Collect and Hold?
We may collect and hold the following types of Personal Information:
- name, date of birth and relationship to other individuals (e.g. record of next of kin or emergency contact);
- address, phone number, fax number, email address, Skype address and other addresses/contact details/identifiers used in electronic communications or business cards;
- voicemail recordings left in Our phone system and images that individuals have made publicly available or provided to Us;
- video and sound recordings from Our security systems;
- demographic information such as postcode, preferences or interests;
- information, including data, images, video and sound recordings, that you, or people authorised by you enter into our software programs and services or use the features in our software programs or services to import from other software applications;
- information about the products or services that you purchase or consider purchasing from Us, Our suppliers or business associates;
- information about enquiries made to Us, Our suppliers or business associates;
- information you provide when you raise a support enquiry or when We are working with you to resolve a technical or administrative query;
- information that you provide in response to market research, surveys or competitions that are conducted by or for Us;
- information that is provided in respect of employment, contract work, work experience or similar, whether solicited or unsolicited;
- credit card or details of other payment methods used on Our website, software programs or services, to purchase Our products and services or in connection with Our support of community or charitable causes; and/or
- the information set out in section 9 below, which may be identifiable in conjunction with any of the information set out above.
Generally, we do not collect or hold Sensitive Information. The only exceptions to this rule are:
- where the Sensitive Information is directly linked to the individual’s employment records and Our collection, holding and use is permitted by applicable law for the purpose of managing the individual’s employment record;
- where Sensitive Information is provided to Us in connection with the individual seeking employment, internship, work experience, contract work or similar, whether solicited or unsolicited;
- health related information that is provided by attendees at our offices, events or training venues that is used for the purpose of providing appropriate access, hospitality, food or beverage.
How do We Collect and Hold Personal Information?
We collect Personal Information in a number of ways, including:
- through Our website;
- through communications with you, including letters, emails, telephone calls, voicemail messages, facsimiles, surveys, competitions and via social media applications;
- through communications with others;
- in the course of you using our software programs and services, when you or people authorised by you load those details into the software programs or services;
- in the course of providing Our products and services to you, including providing support through Our support service;
- in the course of Our business functions and activities.
We hold Personal Information:
- in Our hard copy files;
- in the databases associated with the software programs or services that you have licensed from Us;
- in other systems that We use in connection with Our business, some of which may be owned and operated by Our suppliers; and
- in the database associated with Our website.
- If you elect not to provide Us with Personal Information then We may not be able to provide you with the information, products, services or support that you may want.
- We may receive other unsolicited Personal Information in the course of Our business, for example, where you send Us a resume (which includes your name, address and work history) without Us specifically asking you to. We will deal with this unsolicited Personal Information in accordance with our legal obligations.
The Purposes for which We use Personal Information
We collect, hold, use and disclose Personal Information for the following purposes:
- pursuing Our business activities and functions;
- where required by law, communicating with appropriate regulators and individuals who are communicating with you or Us, or with whom We have a lawful obligation to communicate;
- seeking Our professional advice, in the support of Us performing Our business functions and activities;
- allowing the technical support personnel to provide assistance to you (or your employer), if needed;
- facilitating authorised transactions between you (or other people who you are acting for) and Us or between you (or other people who you are acting for) and other people and organisations who are accessible via Our website or other electronic means;
- facilitating payment for the purchase of products or services through Our website or otherwise. In this case you may be directed to (or We may use to facilitate the transaction) a third party website (a secure internet payment gateway) approved by the relevant financial institution within your country of access with whom you bank to enter your credit/debit/charge card or other payment mechanism details. This third party may in turn integrate the payment software with a third party payment application provider who assists in managing the payment transaction. Where you are redirected in this way, you will be subject to the privacy policies of the third party providers;
- performing certain functions via Our website, e.g. conducting surveys, market research, mail outs, competitions or using social media;
- conducting surveys, market research, mail and competitions off line;
- improving the quality of Our website and Our products and services;
- allowing you to participate in interactive features of Our service, when you choose to do so;
- developing or adding additional products and services from Us or existing or new people and organisations that are accessible via Our website;
- Our training and quality assurance purposes;
- Our website safety and security purposes;
- Our administrative purposes;
- allowing technical support personnel to manage Our infrastructure, systems, databases other applications or tools;
- statistical analysis of the usage of Our website or applications or tools that are accessed via the website; and/or
- complying with applicable laws, including relevant privacy legislation.
We also collect, hold, use and disclose Personal Information for the purpose of direct marketing of any of Our other services or products which We consider may be of interest to you where you have given Us your express or implied consent to Us using Personal Information for this purpose.
If you have given Us your express or implied consent to provide you with direct marketing communications We may collect, hold, use and disclose Personal Information in accordance with that consent to enable Us to provide you (or other people who you are acting for) information about, and offer you (or other people who you are acting for), other products and services that We offer and which We consider may be of interest to you.
Storage and Disclosure of Personal Information (including overseas transfers)
We take appropriate measures to secure personal data and protect it from loss or unauthorised disclosure or damage. All Personal Information provided to Us will be held for so long as we reasonably require to deliver services to you or to or your employer or as otherwise required for regulatory or other legal purposes and will be hold on secure servers. Any payment transactions processed by Us or any applicable third party will be encrypted using SSL technology.
- where We have a supplier assisting Us with providing assistance with Our business activities and functions;
- where Our website, any hosting service or “as a service” We use to support Our products or services, is hosted by Us or a third party, and the hosting facilities and/or the back-up/disaster recovery sites are located overseas;
- where a third party application is being used in connection with Our interactions with you, e.g. when We use email or Skype, the third party providers of the relevant application have their applications hosted overseas;
- where We use credit referencing agencies to verify your creditworthiness and/or report back to the credit organisation on your payment history or other details of the financial relationship between us;
- where analytics and search engine providers assist Us in the improvement and optimisation of Our website.
The countries in which We know that Personal Information may be processed and/or transferred to include:
- the United States of America;
- United Kingdom; and
Where We have given you (or where you have chosen) a password which enables you to access certain parts of Our website or any part of Our services, you are responsible for keeping this password confidential. You must not share any password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although We will do our best to protect your Personal Information, We cannot guarantee the security of your Personal Information transmitted to Us or Our site; any transmission is at your own risk. Once We have received your information, We will use Our procedures and security features to try to prevent unauthorised access.
Use of Social Media
Our websites use social media includes blogs, Twitter feeds, and links to other social media, including Facebook, Linked In, Twitter etc. The nature of social media is that these applications actively enable exchange and disclosure of any information, whether personal or otherwise, that is included within those applications. All information, including Personal Information that you enter in those applications may be used, hold, handled and disclosed in any way that is consistent with the privacy policies of the relevant applications, if any. All information that is posted by you in a blog, twitter feed or other social media in connection with the website should be considered as public information that may be used, copied and adapted by any person for any means and should not be
posted unless you are prepared to specifically state what restrictions on use there may be with that information or are prepared to accept that it may be used, copied, adapted, hold, handled and disclosed to any other person in any way. We accept no responsibility or liability for any Personal Information that you decide to publish on any social media outlet, including through Our website.
Cookies, Metadata and Site Data Activity
A cookie is a small piece of computer code which remains on your computer and contains information which helps Us identify your browser.
When you visit Our website and applications and tools on it, the cookie records the authentication to allow your user id to login. We use the information gathered by cookies to identify your web browser so that when you log in on the next occasion your use of Our website and other applications and tools on it is easier and faster because the website has remembered your details.
Sometimes information that you upload is provided with associated metadata. If you do not want Us to use the metadata you must remove it by erasure from the underlying document/materials properties before uploading it onto Our website and other applications and tools.
Links to other Websites and Applications
Our website includes links to other websites, applications and tools that are not owned or operated by Us. We not responsible for the content of those websites, applications or tools, nor for any products, services or information contained in them or offered through them. You should review the privacy policies and terms and conditions of use of those websites, applications and tools when you visit them. We do not endorse, recommend, condone or represent the companies or any content on any third party linked website and may terminate the link or linking program at any time.
How to Use any of your Rights as a Data Subject or to Complain
Under the Privacy Law We must ensure that your Personal Information is accurate and up to date. Therefore, please advise Us of any changes to your information.
If you want to find out what Personal Information We hold on you, or you believe any of your Personal Information that is held by Us is inaccurate, out of date, incomplete, irrelevant or misleading or it is not necessary for Us to continue to hold it, or that We are not processing it lawfully, you can contact Us and We will either provide you with access to the Personal Information (in so far as We are legally able and required to do so by applicable law,) or We will delete it or correct it or satisfy your rights, within a reasonable period, in accordance with applicable privacy legislation.
- email at the following email address: firstname.lastname@example.org; or
- using the “Contact Us” web form on Our website: www.itoc.com.au/contact-us.
If you make any such complaint, We may be obliged to report that complaint to the relevant local regulator within the time frames set out in Privacy Law. We may also be obliged to self report breach of privacy to the regulator within the time frames set out in Privacy Law.
We will aim to respond to any complaint within 10 business days of the date of receipt. We will attempt to resolve your complaint to your satisfaction. If you are not satisfied with how We deal with your complaint you may contact the Office of the Australian Privacy Commissioner at: www.oaic.gov.au.